package com.mf.security.handler;

import com.alibaba.fastjson2.JSON;
import com.mf.basic.BasicDuration;
import com.mf.basic.BasicKey;
import io.github.heollhai.common.config.reids.RedisOperator;
import io.github.heollhai.common.config.security.utils.SecurityUtils;
import io.github.heollhai.common.entity.security.dto.UserByRoleDto;
import io.github.heollhai.common.entity.vo.user.LoginResultVo;
import io.github.heollhai.common.result.Result;
import io.github.heollhai.common.utils.*;
import jakarta.annotation.Resource;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import java.io.IOException;

/**
 * @Author: lmf
 * @Create: 2024/8/6 14:32
 * Description: 登录成功之后的处理
 */
@Component
public class LoginAuthenticationSuccessHandlerImpl implements AuthenticationSuccessHandler {
    @Resource
    private RedisOperator redisOperator;

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws IOException, ServletException {

        UserByRoleDto userByRoleDto = SecurityUtils.getUserByRoleDto();
        if (VerifyUtils.isNotEmpty(userByRoleDto)) {

            // 生成token
            String token = JWTUtil.createToken(userByRoleDto.getNameAndId());

            // 返回给前端token信息
            LoginResultVo loginResultVo = new LoginResultVo();
            loginResultVo.setToken(token);

            // 存储两个key主要是为了后续，如果有多个地方登录，如果例如修改密码了，可以把公共的信息清除掉，，让该账号多地登录的信息都失效

            // 存入公共的用户登录信息到 redis
            redisOperator.set(BasicKey.REDIS_USER_TOKEN + userByRoleDto.getNameAndId(),
                    JSON.toJSONString(userByRoleDto), BasicDuration.TOKEN_DURATION);

            // 获取ip+token前缀
            String tokenInfo = HttpServletRequestUtils.getBrowserInfo(request, BasicKey.REDIS_USER_TOKEN);
            // 获取ip+刷新token前缀
            String refreshInfo = HttpServletRequestUtils.getBrowserInfo(request, BasicKey.REDIS_USER_REFRESH_TOKEN);




            // 存入用户登录信息到 redis
            redisOperator.set(tokenInfo + userByRoleDto.getNameAndId(), BasicKey.DEFAULT_VALUE,
                    BasicDuration.TOKEN_DURATION);

            loginResultVo.setRefreshToken(CommonUtils.MD5(  refreshInfo + userByRoleDto.getNameAndId() + DateUtil.getCurrentLocalDateTime()));
            // 记录刷新token 值为token 登录过期后(当token过期后，用户拿刷新token和过期的token来更新token)
            redisOperator.set( refreshInfo + userByRoleDto.getNameAndId(),
                    token+"&&"+userByRoleDto.getUserBo().getAccount(),
                    BasicDuration.REFRESH_TOKEN_DURATION);

            // 返回到前端
            Result<LoginResultVo> result = Result.success(loginResultVo);
            ResponseUtils.writeJson(response, result);

        }


    }
}